From 92b1436011632d88fbe31ddfe434c5a49e917876 Mon Sep 17 00:00:00 2001 From: Adin Scannell Date: Tue, 25 Aug 2020 12:21:37 -0700 Subject: Include shim in individual released binaries. The debian rules are also moved to the top-level, since they apply to binaries outside the //runsc directory. Fixes #3665 PiperOrigin-RevId: 328379709 --- debian/BUILD | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ debian/description | 1 + debian/postinst.sh | 31 ++++++++++++++++++++++++++++ 3 files changed, 91 insertions(+) create mode 100644 debian/BUILD create mode 100644 debian/description create mode 100755 debian/postinst.sh (limited to 'debian') diff --git a/debian/BUILD b/debian/BUILD new file mode 100644 index 000000000..331f44a5c --- /dev/null +++ b/debian/BUILD @@ -0,0 +1,59 @@ +load("//tools:defs.bzl", "pkg_deb", "pkg_tar") + +package(licenses = ["notice"]) + +pkg_tar( + name = "debian-bin", + srcs = [ + "//runsc", + "//shim/v1:gvisor-containerd-shim", + "//shim/v2:containerd-shim-runsc-v1", + ], + mode = "0755", + package_dir = "/usr/bin", +) + +pkg_tar( + name = "debian-data", + extension = "tar.gz", + deps = [ + ":debian-bin", + "//shim:config", + ], +) + +genrule( + name = "debian-version", + # Note that runsc must appear in the srcs parameter and not the tools + # parameter, otherwise it will not be stamped. This is reasonable, as tools + # may be encoded differently in the build graph (cached more aggressively + # because they are assumes to be hermetic). + srcs = ["//runsc"], + outs = ["version.txt"], + # Note that the little dance here is necessary because files in the $(SRCS) + # attribute are not executable by default, and we can't touch in place. + cmd = "cp $(location //runsc:runsc) $(@D)/runsc && \ + chmod a+x $(@D)/runsc && \ + $(@D)/runsc -version | grep version | sed 's/^[^0-9]*//' > $@ && \ + rm -f $(@D)/runsc", + stamp = 1, +) + +pkg_deb( + name = "debian", + architecture = "amd64", + data = ":debian-data", + # Note that the description_file will be flatten (all newlines removed), + # and therefore it is kept to a simple one-line description. The expected + # format for debian packages is "short summary\nLonger explanation of + # tool." and this is impossible with the flattening. + description_file = "description", + homepage = "https://gvisor.dev/", + maintainer = "The gVisor Authors ", + package = "runsc", + postinst = "postinst.sh", + version_file = ":version.txt", + visibility = [ + "//visibility:public", + ], +) diff --git a/debian/description b/debian/description new file mode 100644 index 000000000..9e8e08805 --- /dev/null +++ b/debian/description @@ -0,0 +1 @@ +gVisor container sandbox runtime diff --git a/debian/postinst.sh b/debian/postinst.sh new file mode 100755 index 000000000..d1e28e17b --- /dev/null +++ b/debian/postinst.sh @@ -0,0 +1,31 @@ +#!/bin/sh -e + +# Copyright 2019 The gVisor Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +if [ "$1" != configure ]; then + exit 0 +fi + +# Update docker configuration. +if [ -f /etc/docker/daemon.json ]; then + runsc install + if systemctl status docker 2>/dev/null; then + systemctl restart docker || echo "unable to restart docker; you must do so manually." >&2 + fi +fi + +# For containerd-based installers, we don't automatically update the +# configuration. If it uses a v2 shim, then it will find the package binaries +# automatically when provided the appropriate annotation. -- cgit v1.2.3